Summary

For the average Web site, a daily or weekly full backup of both site files and database records is normally more than enough. Keeping a number of backups for a period of time is always a good plan, perhaps keeping each weekly backup for one month. This allows you to recover an old site in the case of emergencies or if for some reason you have local backup file corruption. There are many PHP and Perl scripts on the Web that can be automated through crontab and can either email (if small enough) or FTP the backup files to an off-server or cross-server location. Remember that to some degree with Joomla! you already have an instant backup of the core files: if you haven't modified core, the Joomla! distribution files can be easily restored. Then you need only worry about backing up changed files and the database.

Overview

Most users may not need more than 3 levels of passwords and webmasters no more than 5. Each level must be completely unrelated to the others in terms of which ids and passwords are used.

Directions

Use the free Joomla extension, Joomla! Tools Suite (JTS), which is a Joomla! environment audit, maintenance and diagnostic application written in PHP. The JTS suite of tools can diagnose, report and advise on common installation, health and security issues, including performing several common performance and recovery actions.

Project Home: joomlacode.org/gf/project/jts/ (gone away)

You can also use this technique to deliver your own Every time they log in to the Back End, they'll see your latest news.

Overview

All new Joomla installations start with a Super Administrator account called 'admin'. During the installation process, you will be asked to give this account a password. That's great as far as it goes, but because the user name of this highly-confidential account is generally well known, 50% of the security of the username/password combination is already exposed.
Now all anyone needs to do is guess the password and they're in. By changing the user name to something more difficult to guess, you greatly increase the difficulty of accessing the account. An attacker must correctly guess both the user name and password at the same time to gain access. This is several orders of magnitude more difficult than simply guessing the right password.

Directions

When you edit an item from the Back-End, there is a keep-alive script running that keeps the session active. This is a great convenience in most cases, as it prevents you from losing all your edits if you wait too long to submit the content. However, there are a few potential security issues to be aware of:

Overview

PHP's register_globals option was a terrible idea from a security point of view. It encouraged lazy programming and exposed many scripts to needless risk. This is because register_globals (RG) allows variables passed by the user to be automatically passed to the script. This breaks a cardinal rule: Never trust user input. Register Globals has been officially deprecated in PHP5, and beginning with PHP6 will no longer even exist. Good riddance!

Joomla 1.0.x uses RG_Emulation functions which are somewhat safer than standard PHP register_globals, but it's still best not to allow any form of automatic variable assignments.

Note that poorly-written extensions may fail with register_globals turned off. Such failure is a sign that the extension does not check user input correctly. Best advice: Do not use such extensions.

Joomla 1.0.13

Beginning with the 1.0.13 release, Register Globals Emulation has been moved to the main configuration file and can be adjusted in the Back-end Administrator interface.

Joomla! 1.0.12 and earlier

Edit the file globals.php, found in the root directory of your Joomla! site.
At about line 23 change:

    define( 'RG_EMULATION', 1 );

to

    define( 'RG_EMULATION', 0 );

FATAL ERROR: MySQL not supported
You need to compile MySQL support into PHP or the MySQL server is down.

Error 2 = FATAL ERROR: Connection to database
Joomla! cannot talk to the database. Most likely you have a typo in the username or password settings in configuration.php, or you are trying to access a database table with the wrong table prefix.

Error 3 = FATAL ERROR: Database not found
The database cannot be found. Check the database settings in configuration.php.

The MySQL variables in configuration.php (found in Joomla!'s root directory) can be modified to correct these problems.

For Joomla! 1.0.xx

    $mosConfig_host = 'localhost';
    $mosConfig_user = 'accountname__username';
    $mosConfig_password = 'userpassword';
    $mosConfig_db = 'accountname_dbName';
    $mosConfig_dbprefix = 'jos_';

Modifying $mosConfig_host to the IP address of a remote host works for hosts that have separate MySQL servers from the client hosting servers.

can be confusing. The basic UNIX permissions come in three flavors:

Owner Permissions: Control your own access to files.
Group Permissions: Control access for you and anyone in your group.
Other Permissions: Control access for all others.

In Unix, when permissions are configured the server allows you to define different permissions for each of these three categories of users. In a Web server environment permissions are used to control which Web site owners can access which directories and files.

What do Unix permissions look like?
When viewing your files through an FTP client or from the server's command line:

    filename.php  username  usergroup  rwx r-x r-x

The first entry is the name of the file, the next entry is your username on the server, the third entry is the group that you are a member of and the last entry is the permissions assigned to this file (or directory). If you notice, I have intentionally spaced out the permissions section: I have grouped the 9 characters into 3 sets of 3. This separation is key to how the permissions system works. The first set of 3 permissions (rwx) relates to the username seen above, the second set of 3 permissions (r-x) relates to the usergroup seen above and the final set of 3 permissions (r-x) relates to anyone else who is not associated with the username or groupname.

Owner (User) relates to username
The Owner (User) is normally you; these permissions will be enforced on your hosting account name.

Group relates to usergroup
The Group permissions will be enforced on other people that are in the same group as you. Within a hosting environment, there are very rarely other people in the same group as you. This protects your files and directories from being made available to anybody else who may also have a hosting account on the same server as you.

Other relates to everyone else
The Other permissions will be enforced on anybody else on the server that is either not you or not in your group. So in a Web serving environment, remembering that no-one else is normally in your group, this is everybody else accessing the server except for you.

Each of the three sets of permissions is defined in the following manner:

r = Read permissions
w = Write permissions
x = Execute permissions

    Owner  Group  Other
    r w x  r w x  r w x

As many of you already know, permissions are normally expressed as a numeric value, something like 755 or 644. So, how does this relate to what we have discussed above?
Each character of the permissions is assigned a numeric value. This is assigned in each set of three, so we only need to use three values and reuse them for each set.

    Owner  Group  Other
    r w x  r w x  r w x
    4 2 1  4 2 1  4 2 1

Now that we have a value that represents each permission, we can express them in numeric terms. The values are simply added together in the respective sets of 3, which will in turn give us just three numbers that will tell us what permissions are being set. If we are told that a file has the permissions of 777, this would mean that the following was true.

    Owner  Group  Other
    r w x  r w x  r w x
    4 2 1  4 2 1  4 2 1

Thus 4+2+1  4+2+1  4+2+1 = 7 7 7

The Owner of the file would have full Read, Write and Execute permissions, the group would also have full Read, Write and Execute permissions, and the rest of the world can also Read, Write and Execute the file.
The standard, default permissions that get assigned to files and directories by the server are normally:

Files = 644
Directories = 755

These permissions would allow, for files:

644 = rw- r-- r--
Owner has Read and Write
Group has Read only
Other has Read only

and for directories:

755 = rwx r-x r-x
Owner has Read, Write and Execute
Group has Read and Execute only
Other has Read and Execute only

Now, things can get a little complicated when we start talking about shared Web Servers. The Web Server software will be running with its own username and groupname, most servers are configured for them to use either own user, and this user is not you or in your group, so the first two sets of permissions do not apply to it. Only the world (other) permissions apply.

Therefore, if you configure a permissions set similar to 640 on your website files, your Web Server will not be able to run your website files.

640 = rw- r-- ---
Owner has Read and Write
Group has Read only
Other has no rights

The Web server is assigned no permissions at all and cannot Execute, Write or, more importantly, even Read the file to deliver its content to a website visitor's browser.

If a directory was to be assigned 750 permissions, this would have the same effect, because the Web Server does not even have permissions to read files in the directory, even if the files inside that directory had favorable permissions.

750 = rwx r-x ---
Owner has Read, Write and Execute
Group has Read and Execute
Other has no rights

Directories have an extra quirk: if a directory does not have the Execute permission set in the World set then, even if Read and Write are set, if the program is not run as the user or group, it will still not be able to access the files within the directory.
The Execute setting allows the program to command, thus cannot deliver your file to the user's Web browser.

How Does this Relate to Joomla?

Good question. In the first instance this would be important during the Web-Installer process. If you can remember back to when you ran the Joomla! Web-Installer, we were looking for specific directories to be designated as writable. We see quite a number of posts either stating that there were problems during the install with permissions or asking what permissions are recommended. Some even consider the message, asking for is configured, then it cannot be more specific, however, once you understand the permissions settings and you know a little about Web serving environments, you will actually find that the term writable is actually very specific and a more than adequate description of what Joomla! needs.

Thinking back to the above information, you may remember that there are three places where write permissions may be set:

Owner Writable
Group Writable
Other Writable

Also remember that the Web Server generally doesn't run as your own user or in the same group. When you run the Web Installer from a browser, it is the Web Server trying to access the files, thus it is the writable . In this case, you will need to configure the Other permissions to be the worse case you might need to set 777. These very open permissions may be reset back to 755 after the installer runs to assist in the security of your directories and files.
757 = rwx r-x rwx
Owner has Read, Write and Execute
Group has Read and Execute
Other has Read, Write and Execute

Just to make things even more confusing, many hosting firms make use of software called phpsuExec or suExec. These tools change the way the Web Server runs: where the Web Server would not normally run as your username, in this case, it does. The use of the other permissions may not be required; now you may only need to configure directories to be writable to your own username and groupname. This allows directory permissions to be set as 755 or 775 instead of 757 or 777.

755 = rwx r-x r-x
Owner has Read, Write and Execute
Group has Read and Execute
Other has Read and Execute

775 = rwx rwx r-x
Owner has Read, Write and Execute
Group has Read, Write and Execute
Other has Read and Execute

The Web Server will still need to Execute set for the username and Read, Execute groupname permissions set so that it can Execute the Read command on files inside the directory. Again, these permissions may be demoted back to 755 after the Web Installer completes.

That's the basics for directories covered, what about files?

This is where things get a little simpler. Most of the files that Joomla! makes use of will be quite happy with the 644 default permissions.

644 = rw- r-- r--
Owner has Read, Write
Group has Read
Other has Read

This is valid if you do not have a need to Write to the files from the Web Server; the same rules apply as for directories if you do have this need. One file that you may like to have the Web Server.
If your server needed directory permissions to be set to though, as you are letting everyone have one of the SU tools installed and you only needed to configure 755 on directories for the installation, then you will probably also only need to set 755 or 775 on this file to allow editing through the Admin interface, and these permissions are generally accepted as more secure than 757 or 777.

In conclusion, what permissions should be set for the Joomla! installation?

Well, as you can see, it depends! I know this isn't as helpful as you would have liked and it certainly is not a definitive answer, but in general, after the installation, any insecure = 644
Directories = 755

These permissions would allow, for files:

644 = rw- r-- r--
Owner has Read and Write
Group has Read only
Other has Read only

and for directories:

755 = rwx r-x r-x
Owner has Read, Write and Execute
Group has Read and Execute only
Other has Read and Execute only

If you have SSH shell access the following commands can be run from the command line to reset all files and directories back to the server defaults of 755 and 644. Change directories to the top directory:

    find . -type f -exec chmod 644 {} \;
    find . -type d -exec chmod 755 {} \;

If you only have FTP access, this can be a very time consuming job. However, unless you changed more directories during the installation than was requested, you should only need to reset about 10 directories and the configuration.php file.

Keep in mind that to install any extensions or templates after the actual Joomla! installation you may need to elevate the default permissions again on the appropriate directories just for the installation period; you may then demote them again after the add-on is installed.
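An audit to run before the reset described above, so you can see which entries deviate from 644/755 and which are writable by Other. This is an added example, not part of the original page; the function names and the script name audit.sh are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# Entries whose "Other" set includes Write (value 2): any account on the
# server, including the Web Server user, can modify these.
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -002 -print | sort
}

# Files that are not exactly 644 and directories that are not exactly 755.
non_default() {
    {
        find "$1" -type f ! -perm 644 -print
        find "$1" -type d ! -perm 755 -print
    } | sort
}

# The reset from the text; "{} +" batches many paths into few chmod calls.
reset_defaults() {
    find "$1" -type f -exec chmod 644 {} +
    find "$1" -type d -exec chmod 755 {} +
}

# Usage: sh audit.sh /path/to/site [--reset]
if [ "$#" -ge 1 ]; then
    echo "World-writable entries:"
    world_writable "$1"
    echo "Entries differing from 644/755:"
    non_default "$1"
    if [ "${2:-}" = "--reset" ]; then
        reset_defaults "$1"
    fi
fi
```

After a reset, re-elevate only the directories that genuinely have to stay writable by the Web server user, such as the cache directory.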
If you decide to use caching, the cache directory will need to be writable by the Web server user to allow it to write its temporary files.

server the recommended default permissions of 755 for directories and 644 for files should be reasonably secure.

On a private server with a small, controlled set of users, there is no need to use a chmod 777 to make the Joomla! folders writable in order to perform installs. You can set the server up so that both Apache and FTP have control of site files.

Directions

Optional

Short answer

Potentially, yes. Your site can be secure, but you must be careful and vigilant.

Long answer

A common security principle is to create various security levels and then grant access at each level only as required. On UNIX servers this is done by setting the user, group, and world permissions on directories and files.

Typically, the most insecure directory on a UNIX server is the one serving Web files, usually called public_html. This is because it is publicly accessible, world-readable, and in the case of a CMS-powered site, possibly even world-writable. That status is the very definition of officially, totally, and utterly insecure.

As long as you want the entire world to view your public_html directory there is no problem. After all, that's exactly what it's designed to do. But if you want to hide anything, the plot thickens.
If public_html contains configuration files with secret data, or scripts that write to databases, or scripts that modify other files, or scripts that append to logs, or scripts that store temporary data in caches, or scripts that support file and graphic uploads, or scripts that process form input, or scripts that process financial and personal data, this read-only directory becomes a world-accessible, read-write application.

If there are ANY vulnerabilities in ANY files in the public_html directory, the entire server is potentially vulnerable, and not just your Web site but possibly every Web site on your server. Such vulnerabilities give attackers access to the scripting engines used to run your site. PHP, Perl and other Web scripting languages are powerful and easy to use. If programming vulnerabilities allow an attacker to call arbitrary commands, your entire server could be toast.

One good way to block attackers is to keep potential vulnerabilities behind a secure fence. For this reason, it is often recommended to only place files that require direct access from the Web in public_html. Other files should be loaded into applications using such functions as include and require. To access such files, attackers must first penetrate your server, such as by discovering a root username/password.

The incredible lightness of living outside the fence

To provide incredibly easy installation, Joomla! follows a different security model. It is possible to perform a complete Joomla! installation using nothing more than a Web browser pointed at the world-readable installation directory. An additional level of security is provided by requiring that you remove this installation directory after completing the install.
Granting a world-accessible installer the ability to write to files outside of public_html would be a huge security hole. Thus, by default every Joomla! file ends up in the world-accessible public_html directory. Not coincidentally, this is also the directory in which an angry planetful of would-be attackers are hoping to find your files.

Currently, most Joomla extensions also have limited support for file locations outside of public_html. This is a legacy of the Joomla! 1.0.x installation model.

Joomla! defense

Despite its apparently vulnerable location, Joomla! uses various effective methods for blocking exploits. Chief among them is to add a line of code at the top of any PHP file that requires extra protection. This method is very effective as long as each and every file requiring such protection has it. One vulnerable file exposes the whole site.

The challenge

The practice of placing everything in public_html, and then building a little fence inside each file, can become an administrative nightmare. One vulnerable file exposes the entire server. This is a glaring example of an allow, then deny security model. This model requires very careful upgrades, constant log reviews, and proactive plugging of new vulnerabilities as soon as they become known. (Since you have to beat the attackers, you'll be in a hurry, and may inadvertently do something stupid, potentially creating other vulnerabilities.)

During installations and upgrades, you must verify (or trust someone else to verify) every line of code, of every new file, for every known vulnerability. And because scripts can have unintended consequences on each other, you cannot forget to test, test, test. Of course this is generally true for all software, but placing the entire application in public_html makes the issue extremely critical.
The recent wave of URL injection attacks against poorly-written third party extensions would have been much less successful if those files had been stored outside of public_html, and thus simply unavailable through URLs. Note that in many cases the actual vulnerabilities could still exist within the files, but being inside the fence (outside